Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/30/0e36fc-ba0b-4ce6-af6a-704463ebad36/1/RXSXIHarekap1UG5ECm_DoiEyqE.roa
File: RXSXIHarekap1UG5ECm_DoiEyqE.roa (raw, json)
Hash identifier: D5jVc7KIAJX7j8/2QXgYCPnegeOCoLZgI1h2Fkme4NM=
Subject key identifier: 45:74:97:20:76:AB:7A:46:A9:D5:41:B9:10:29:BF:0E:88:84:CA:A1
Certificate issuer: /CN=28855852a4bcd1bf1ec813f3c13b0f1f372f3971
Certificate serial: 01856CE603F63AC5A07805CD1053A614D25C
Authority key identifier: 28:85:58:52:A4:BC:D1:BF:1E:C8:13:F3:C1:3B:0F:1F:37:2F:39:71
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KIVYUqS80b8eyBPzwTsPHzcvOXE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/30/0e36fc-ba0b-4ce6-af6a-704463ebad36/1/RXSXIHarekap1UG5ECm_DoiEyqE.roa
Signing time: Sun 01 Jan 2023 10:34:51 +0000
ROA not before: Sun 01 Jan 2023 10:34:51 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 202958
IP address blocks: 194.4.58.0/24 maxlen: 24
194.4.57.0/24 maxlen: 24
194.4.56.0/24 maxlen: 24
194.4.59.0/24 maxlen: 24
185.100.66.0/24 maxlen: 24
86.107.199.0/24 maxlen: 24
86.107.198.0/24 maxlen: 24
194.146.43.0/24 maxlen: 24
194.146.42.0/24 maxlen: 24
194.146.41.0/24 maxlen: 24
194.146.40.0/24 maxlen: 24
185.98.4.0/24 maxlen: 24
185.121.83.0/24 maxlen: 24
185.121.82.0/24 maxlen: 24
185.121.81.0/24 maxlen: 24
185.121.80.0/24 maxlen: 24
185.113.133.0/24 maxlen: 24
185.125.91.0/24 maxlen: 24
185.125.90.0/24 maxlen: 24
185.125.89.0/24 maxlen: 24
185.125.88.0/24 maxlen: 24
185.116.192.0/24 maxlen: 24
185.116.195.0/24 maxlen: 24
185.116.194.0/24 maxlen: 24
185.116.193.0/24 maxlen: 24
2a06:941::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:e6:03:f6:3a:c5:a0:78:05:cd:10:53:a6:14:d2:5c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=28855852a4bcd1bf1ec813f3c13b0f1f372f3971
Validity
Not Before: Jan 1 10:34:51 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=4574972076ab7a46a9d541b91029bf0e8884caa1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:21:bb:53:58:e5:ef:da:6c:f1:c7:85:81:68:
1b:a2:9f:1a:03:6f:44:10:e6:37:56:a3:9e:ae:dc:
89:79:56:9a:2c:d2:db:6c:34:56:a6:78:c9:a5:7e:
2d:19:6e:bf:c7:51:ba:82:61:d7:40:04:83:ab:19:
87:a7:9b:61:c0:04:26:5a:be:d5:c1:cc:af:5c:66:
3c:79:f4:9a:0b:18:b5:84:7a:11:b7:7f:be:a7:b9:
6d:17:45:b7:8a:6b:03:1c:7c:df:07:69:1c:5b:dd:
70:70:1e:19:24:58:25:32:77:db:eb:e4:07:4f:3b:
5d:89:f3:86:48:f7:06:de:11:fd:c5:67:63:38:d4:
74:8c:a7:2f:4b:bf:b9:5a:18:31:f5:31:75:7b:3b:
be:97:8a:5e:b4:84:89:75:af:fc:f1:3a:56:59:dd:
4e:a8:8a:c2:e9:b5:45:26:c0:99:83:a7:d0:ad:f1:
a4:f8:e2:34:b7:f1:40:ba:31:69:20:3d:b9:c3:e1:
36:15:7c:15:a0:7f:07:47:c9:41:1f:3e:66:2f:8b:
89:f5:61:f0:04:6a:cf:c0:47:2d:69:e7:f9:fa:e9:
06:62:bd:57:79:8e:41:f7:fb:79:ad:88:39:3c:1e:
6d:07:1e:19:10:df:cc:a6:04:c0:cf:2c:87:db:d6:
d1:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
45:74:97:20:76:AB:7A:46:A9:D5:41:B9:10:29:BF:0E:88:84:CA:A1
X509v3 Authority Key Identifier:
keyid:28:85:58:52:A4:BC:D1:BF:1E:C8:13:F3:C1:3B:0F:1F:37:2F:39:71
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KIVYUqS80b8eyBPzwTsPHzcvOXE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/30/0e36fc-ba0b-4ce6-af6a-704463ebad36/1/RXSXIHarekap1UG5ECm_DoiEyqE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/30/0e36fc-ba0b-4ce6-af6a-704463ebad36/1/KIVYUqS80b8eyBPzwTsPHzcvOXE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
86.107.198.0/23
185.98.4.0/24
185.100.66.0/24
185.113.133.0/24
185.116.192.0/22
185.121.80.0/22
185.125.88.0/22
194.4.56.0/22
194.146.40.0/22
IPv6:
2a06:941::/48
Signature Algorithm: sha256WithRSAEncryption
59:e3:0c:00:0f:f8:44:47:8d:e1:3e:ce:f3:49:bc:b6:be:38:
0f:86:5e:09:7c:94:e2:40:77:b3:76:f8:da:29:a4:d5:66:cb:
fa:47:6f:30:da:a8:9f:b3:79:06:16:e4:a1:a1:a6:64:83:1d:
23:32:2d:d2:cb:80:50:9b:9c:63:c6:eb:30:49:57:4b:5d:60:
12:5c:ba:e2:53:2d:e3:61:77:2e:b9:1c:c7:0d:a5:84:67:7f:
e5:6c:70:4b:32:44:ca:16:c1:71:6d:a0:8d:75:b9:ce:de:75:
70:99:b9:b4:8e:55:28:3e:9e:dc:b7:29:a7:6f:d8:a8:43:9c:
8e:34:a1:f2:9a:fe:79:fb:22:1f:6e:fc:2f:fb:3a:e9:ce:7f:
31:9e:b0:13:a6:98:26:10:67:c8:a3:b7:81:fc:ce:c0:e6:bd:
a7:40:08:53:9b:93:29:07:57:44:b9:01:38:dc:53:26:6c:89:
54:0c:43:33:e8:f8:6c:8d:5f:98:f9:c1:15:50:80:5e:7f:99:
b2:de:16:1e:9d:da:66:b9:49:91:fe:7e:8f:e6:78:0d:6d:fe:
87:c8:58:39:f5:3a:d5:31:7e:4f:b8:5d:04:24:71:8e:88:4f:
3c:79:f7:0b:07:de:2d:c3:94:07:cc:77:14:f7:e1:94:68:3b:
68:a3:4e:f2
-----BEGIN CERTIFICATE-----
MIIFPjCCBCagAwIBAgISAYVs5gP2OsWgeAXNEFOmFNJcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI4ODU1ODUyYTRiY2QxYmYxZWM4MTNmM2MxM2IwZjFmMzcy
ZjM5NzEwHhcNMjMwMTAxMTAzNDUxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NTc0OTcyMDc2YWI3YTQ2YTlkNTQxYjkxMDI5YmYwZTg4ODRjYWExMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiCG7U1jl79ps8ceFgWgbop8aA29E
EOY3VqOertyJeVaaLNLbbDRWpnjJpX4tGW6/x1G6gmHXQASDqxmHp5thwAQmWr7V
wcyvXGY8efSaCxi1hHoRt3++p7ltF0W3imsDHHzfB2kcW91wcB4ZJFglMnfb6+QH
TztdifOGSPcG3hH9xWdjONR0jKcvS7+5Whgx9TF1ezu+l4petISJda/88TpWWd1O
qIrC6bVFJsCZg6fQrfGk+OI0t/FAujFpID25w+E2FXwVoH8HR8lBHz5mL4uJ9WHw
BGrPwEctaef5+ukGYr1XeY5B9/t5rYg5PB5tBx4ZEN/MpgTAzyyH29bRWQIDAQAB
o4ICSjCCAkYwHQYDVR0OBBYEFEV0lyB2q3pGqdVBuRApvw6IhMqhMB8GA1UdIwQY
MBaAFCiFWFKkvNG/HsgT88E7Dx83LzlxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS0lWWVVxUzgwYjhleUJQendUc1BIemN2T1hFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMC8wZTM2ZmMtYmEwYi00Y2U2LWFmNmEt
NzA0NDYzZWJhZDM2LzEvUlhTWElIYXJla2FwMVVHNUVDbV9Eb2lFeXFFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMC8wZTM2ZmMtYmEwYi00Y2U2LWFmNmEtNzA0NDYzZWJhZDM2
LzEvS0lWWVVxUzgwYjhleUJQendUc1BIemN2T1hFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGAGCCsGAQUFBwEHAQH/BFEwTzA8BAIAATA2AwQBVmvGAwQA
uWIEAwQAuWRCAwQAuXGFAwQCuXTAAwQCuXlQAwQCuX1YAwQCwgQ4AwQCwpIoMA8E
AgACMAkDBwAqBglBAAAwDQYJKoZIhvcNAQELBQADggEBAFnjDAAP+ERHjeE+zvNJ
vLa+OA+GXgl8lOJAd7N2+NoppNVmy/pHbzDaqJ+zeQYW5KGhpmSDHSMyLdLLgFCb
nGPG6zBJV0tdYBJcuuJTLeNhdy65HMcNpYRnf+VscEsyRMoWwXFtoI11uc7edXCZ
ubSOVSg+nty3Kadv2KhDnI40ofKa/nn7Ih9u/C/7OunOfzGesBOmmCYQZ8ijt4H8
zsDmvadACFObkykHV0S5ATjcUyZsiVQMQzPo+GyNX5j5wRVQgF5/mbLeFh6d2ma5
SZH+fo/meA1t/ofIWDn1OtUxfk+4XQQkcY6ITzx59wsH3i3DlAfMdxT34ZRoO2ij
TvI=
-----END CERTIFICATE-----
Generated at Tue Jan 2 01:40:27 2024 by rpki-client on console-ams.rpki-client.org